Mennonite Mutual Insurance Privacy Code
Protecting the confidentiality of your personal information has always been an important part of the way we do business. To ensure that we protect your privacy, Mennonite Mutual Insurance has adopted a Privacy Code. This Code sets out how and why we collect and use personal information about our customers. It also explains limited circumstances under which we may need or be required to disclose it.
“Personal information” means information that identifies you as a specific individual. It does not include the sort of general information that could be found in a business directory or a telephone book.
Effective January 1, 2004, the Government of Canada implemented the last phase of a Personal Information Protection and Electronic Documents Act (PIPEDA). This federal statute now applies to insurance companies and many other industry sectors.
This legislation establishes rules and principles for the use and disclosure of personal information based on the ten privacy principles developed by the Canadian Standards Association. These principles recognize that we live in an era when commercial information is exchanged and circulated by electronic means. It balances the individual’s right to privacy in their personal information with the reasonable need of organizations to collect, use or disclose personal information.
Under the new legislation, an organization may collect, use or disclose personal information only for limited purposes that a reasonable person would consider to be appropriate in the circumstances.
The Personal Information Protection and Electronic Documents Act requires us to provide the same safeguards for your privacy that we have always provided on a voluntary basis. Our Privacy Code sets out these principles in simple terms. It explains how we ensure that your privacy and the confidentiality of your personal information are protected.
Our Privacy Code
Mennonite Mutual Insurance’s Privacy Code is based on the following ten principles adopted by the Personal Information Protection and Electronic Documents Act (PIPEDA).
Principle # 1: Our Accountability for the Collection, Use or Disclosure of Personal Information
As a customer of Mennonite Mutual Insurance, you have a right to expect that your insurer is accountable for the personal information it collects and uses. “Customer” means a current and former insured, an applicant for insurance, a claimant under one of our policies as well as an individual insured as part of a group or corporate policy.
We are responsible for maintaining and protecting your personal information while it is under our control. This includes any personal information that may need to be disclosed to third parties for processing or other administrative functions.
To help ensure the confidentiality of your personal information, we have established policies and procedures to ensure that we comply with the Personal Information Protection and Electronic Documents Act. We have designated a privacy officer who is responsible for our company’s compliance with the ten privacy principles by the Canadian Standards Association.
If you have any questions or inquires about how your personal information is stored, or when it may need to be disclosed to others, our privacy officer is there to assist and explain our policies to you.
Principle # 2: Identifying Our Purpose for the Collection, Use or Disclosure of Personal Information
Before or when we collect information about you, we will explain how we intend to use it. Mennonite Mutual Insurance collects personal information only for the following purposes:
- to provide ongoing service to our customer;
- to help us understand our customer’s needs better;
- to develop, enhance, market or provide insurance products and services;
- to enable us to underwrite your policy of insurance and set a fair premium;
- to provide us with the information that we need to adjust a claim in a fair and expeditious way;
- to meet our legal and regulatory requirements under the Insurance Act and other statutes.
Unless we are required by law, Mennonite Mutual Insurance will not use or disclose any personal information that has been collected without documenting the new purpose and obtaining your consent. If you have any questions about these purposes, our privacy officer will be pleased to explain them to you.
Principle # 3: Obtaining Your Consent for the Collection, Use or Disclosure of Personal Information
Mennonite Mutual Insurance will make a reasonable effort to make sure that our customers understand and consent to how their personal information will be used by the Company.
We will obtain your consent if we need to use your information for any other purpose and before collecting information from third parties such as other insurers and insurance service companies.
In certain circumstances, however, personal information may need to be collected, used or disclosed without the knowledge and consent of the individual. For example, legal, medical, or security reasons may make it impossible or impractical to seek consent.
The Personal Information Protection and Electronic Documents Act recognizes that when information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of an individual may defeat the purpose of collecting the information. Seeking consent may also be impossible or inappropriate when the individual is a minor, seriously ill, or mentally incapacitated.
In obtaining your consent, we will always use reasonable efforts to ensure that you are advised of the identified purposes for which any personal information collected will be used or disclosed.
Principle # 4: Limiting our Collection of Personal Information
We will always limit the collection of personal information to that which is necessary for the identified purposes. Typically, this is information that is required to enable us to underwrite your policy of insurance and charge a fair premium. We may need to collect personal information from other sources including credit bureaus.
Under certain circumstances we need to collect information to assist us in adjusting or investigating a claim. This may involve the use of licensed and regulated independent insurance adjusters or investigators. We will always collect personal information by fair and lawful means.
Principle # 5: Limiting the Use, Disclosure and Retention of Personal Information
Personal information will not be used or disclosed for purposes other than for which it was collected, except with your consent or as permitted or required by law. Your personal information will be retained only as long as it is necessary to fulfill those purposes.
Mennonite Mutual Insurance may disclose a customer’s personal information to the following organizations:
o Another insurance company for the reasonable provision of insurance services. This may include another insurance company that is subscribing to the risk insured under our policy.
o Another person or corporation as part of conducting business. This may include a reinsurance company, subject to that corporation agreeing to manage personal information in accordance with these privacy principles.
o A person or corporation that is involved in supplying us with claims support services. This may include a licensed independent insurance claims adjuster or investigator, or a fire or forensic expert or engineer.
o A medical or rehabilitation specialist or assessment clinic that is providing an opinion to us pursuant to our rights and obligations under the Insurance Act.
o A company or an individual employed by Mennonite Mutual Insurance to perform data processing, accounting, actuarial or statistical functions on our behalf.
o A person or corporation involved in the development, enhancement, marketing or provision of our insurance products and services. This may include an insurance broker or agent.
o An agent used by Mennonite Mutual Insurance to evaluate your creditworthiness or to collect an outstanding account. This may include credit grantors and reporting agencies.
o A public authority or agent of a public authority, if the information is required to comply with a provincial or federal statute or regulation.
o A law enforcement agency, where our customer consents to such disclosure or disclosure is required by law or emergency.
Mennonite Mutual Insurance does not provide or sell its customer lists to any outside company for use in marketing or solicitation. Only employees with a business “need to know”, or those whose duties require it, are granted access to personal information about our customers.
We keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law. Personal information that is no longer necessary or relevant for the identified purposes or required to be retained by law is destroyed, erased or made anonymous.
Principle # 6: Keeping Your Personal Information Accurate
Mennonite Mutual Insurance makes every effort to ensure that personal information about our customers is as accurate, complete, and up-to-date as is necessary for the purposes for which it was collected.
This may require contact with your insurance broker to confirm or update personal information required for underwriting purposes. In addition, the Insurance Act and the terms and conditions of your policy of insurance may require you to notify us of material changes to your personal information.
If you have any questions about the accuracy and completeness of the personal information that we have collected or retained, please do not hesitate to contact our privacy officer. If you need to update some aspect of your personal information, please contact your insurance broker or agent directly.
Principle # 7: Safeguarding Your Personal Information
Mennonite Mutual Insurance takes steps to protect personal information with security safeguards appropriate to the sensitivity of the information.
Specifically, we have stringent security measures in place to protect personal information against such risks as loss or theft, computer hackers, unauthorized access, disclosure, copying, use, modification or destruction.
Mennonite Mutual Insurance protects your personal information regardless of the format in which it is held. We also protect personal information we disclose to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.
All our employees with access to personal information are required as a condition of their employment to respect the confidentiality of personal information.
Principle # 8: Openness Concerning our Privacy Practices
Mennonite Mutual Insurance pursues a policy of openness about the procedures it uses to manage personal information. We will make specific information about our policies and practices relating to the management of their personal information available to customers upon request.
We ensure openness by providing you with the following information:
o the title and address of the privacy officer accountable for our compliance with the policy;
o the name of the individual to whom inquiries or complaints can be forwarded;
o the means of gaining access to personal information held by our company; and
o a description of the type of personal information held by Mennonite Mutual Insurance, including a general account of its use.
Mennonite Mutual Insurance makes information available to help our policyholders exercise informed choices regarding the use of their personal information.
Principle # 9: Customer Access to Personal Information
Mennonite Mutual Insurance informs its customers of the existence, use, and disclosure of their personal information upon request and provides access to that information. Our customers are able to challenge or correct the accuracy and completeness of their personal information and have it amended when appropriate.
When a request is made in writing, we will inform you in a timely fashion, of the existence, use, and disclosure of your personal information and you will be given access to that information. In order to safeguard your personal information, we may require you to provide sufficient identification information to permit us to authorize access to your file.
In certain exceptional situations, we may not be able to provide you with access to all of the personal information we hold. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, information that is subject to solicitor-client or litigation privilege, or, in certain circumstances, information of a medical nature. If this is the case, Mennonite Mutual Insurance will provide the reasons for denying access upon request.
Customers can obtain information or seek access to their individual files by contacting our designated privacy officer at the address described below.
Principle # 10: Challenging Compliance
A customer has the right to challenge Mennonite Mutual Insurance’s compliance with the above principles by contacting the privacy officer accountable for our compliance with the policy.
Mennonite Mutual Insurance maintains strict procedures for addressing and responding to all inquiries or complaints from its customers about its handling of personal information. We inform our customers about our privacy practices as well as availability of complaint procedures, if necessary.
For Further Information
Please contact our privacy officer directly by calling the toll-free number or by email.
Mennonite Mutual Insurance Co. (Alberta) Ltd.
# 300, 2946 – 32 Street NE
Calgary, AB T1Y 6J7